Who Do You Trust Less: The NSA or Anonymous?

Intelligence officials seem to be polishing up their case to take on Anonymous like a 'stateless' terrorist group.

The director of the National Security Agency, Gen. Keith Alexander, told various high-level audiences that the loosely affiliated group, Anonymous, would soon have the capability "to bring about a limited power outage through a cyberattack," according to an anonymously sourced article in the Wall Street Journal today.

The Journal admits that Anonymous "has never listed a power
blackout as a goal," but warned that "some federal officials believe Anonymous is
headed in a more disruptive direction," anyway.

The Anonymous-affiliated Twitter account, @YourAnonNews, responded with a blunt denial. "NSA head engages in alarmist rhetoric & fear-mongering," they wrote today. "Why would Anons take out power grids when lives depend on them?"

Security expert Christopher Soghoian displayed skepticism about the NSA warning, too. "I'm confused," he tweeted, "What will happen in next year or 2 to give anonymous
ability to hack power grid. Either the grid is secure or insecure."

The Journal article, following the line of "U.S. intelligence officials" lumped together Anonymous into a new cyber axis of evil that consisted of al Qaeda operatives, Chinese cyberspies, Russian cyberspies, and ... a bunch of random people in IRC rooms using relatively unsophisticated denial-of-service attacks.

U.S. intelligence officials already
have found what they say is evidence of Chinese and Russian cyberspies
snooping in computer systems that run the electric grid, possibly in
preparation for a conflict with the U.S. The governments of China and
Russia have denied any involvement.

A stateless group like Anonymous
doesn't yet have that capability, officials say. But if the group's
members around the world developed or acquired it, an attack on the
power grid would become far more likely, according to cybersecurity
experts.

Note the use of the word "stateless." While it *can* apply to refugees and other entities, government officials tend to apply that adjective to a specific set of groups: People the American government labels terrorists, most particularly al Qaeda. Here's the normal deployment of the word from the 9/11 Commission report:

Our enemy is twofold: al Qaeda, a stateless network of terrorists that
struck us on 9/11; and a radical ideological movement in the Islamic
world, inspired in part by al Qaeda, which has spawned terrorist groups
and violence across the globe. [emphasis mine]

So, now we know the frame through which the intelligence community sees Anonymous. That helps make sense of the scenarios that officials floated linking Anonymous to enemies of the United States.

"Possible scenarios discussed, the former official said, included one in which a foreign government developed the attack capability and
outsourced it to a group like Anonymous, or if a U.S. adversary like al
Qaeda hired hackers to mount a cyberattack," the article continued.

The overheated cyber rhetoric reminds some of the way the Bush Administration used yellowcake uranium in the lead-up to the Iraq war.

"Evidence to sustain such dire warnings is conspicuously absent," wrote George Mason's Jerry Brito and Tate Watkins last week in Wired's Threat Level. "In many
respects, rhetoric about cyber catastrophe resembles threat inflation we
saw in the run-up to the Iraq War. And while Congress' passing of
comprehensive cybersecurity legislation wouldn't lead to war, it could
saddle us with an expensive and overreaching cyber-industrial complex."

The weird thing is that the thinking in the Journal piece, which seems to place
Anonymous somewhere between Iran and a Colombian drug cartel on the
danger scale, seems to garner serious consideration from our national
security officials, perhaps because the word 'cyber' sounds so
scary. The article concludes:

White House spokeswoman Caitlin Hayden
said she couldn't discuss details of internal deliberations, but she
said the administration "has made cybersecurity a top priority, and we
are working tirelessly to protect ourselves from the threats we face,
whether they come from other nations, cyber criminals, or from stateless
activist hacker groups."

Note that word again,
"stateless," and ask yourself if Anonymous should be deemed a terrorist
group. Who has Anonymous hurt? What kinds of laws
have they broken? Are they pursuing weapons? Do they sell drugs? Do they
have guns? What credible evidence do we have that they are trying to
hurt regular citizens? If not, what is gained by lumping them in along with real and persistent threats to Americans?

One doesn't have to support Anonymous' methods, goals, or aesthetics to
worry about the US response to them in the intelligence community.